Forum Discussion

EastCoast_16835's avatar
EastCoast_16835
Icon for Nimbostratus rankNimbostratus
Sep 19, 2014

Using RSA SecurID for authentication and authorization

Hello, I am wondering if it possible to use APM with RSA SecurID for access authentication and authorization. I have no issues to configure the RSA server for authentication only. However, I am not sure how to retrieve the RSA group membership or similar attributes to check if the current user can access a particular resource?

 

The APM manual says that the session variable session.securid.last.attr.$attr_name should contain some values of the RSA attributes.

 

Where can I find the attribute list that can be retrieved in this way? Has anyone already tried to use RSA for authorization?

 

Thank you

 

2 Replies

  • It's up to your deployment if you are using local database or another source for user configuration in RSA. the easiest way should be to test, and having a look to the report menu in APM listing session variables for active sessions. there you can see all attributes sent by AAA.

     

  • For anyone else who has the similar challenge ...

     

    The only way to manage authorisations is to enable the RADIUS protocol on RSA and set RADIUS profiles with specific attributes for users instead of RSA groups. It seems that there is no way to get RSA group membership directly via the RSA client built into APM.